Description
Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence.
Published: 2026-06-26
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An unauthenticated remote information disclosure vulnerability exists in the quantization engine component of Ollama’s Ollama software. The flaw allows an attacker to read arbitrary data from the server’s heap memory, potentially exposing sensitive information such as user data, credentials, or other private data. This exposure can facilitate further attacks, enabling an adversary to compromise the system or maintain stealthy persistence. The weakness involves unintended memory access (CWE-822).

Affected Systems

The affected product is Ollama AI’s Ollama software. The advisory does not specify affected versions; therefore, all currently deployed installations should be considered potentially impacted until an official update is released.

Risk and Exploitability

Since the quantization engine is reachable over the network and no authentication is required, an attacker can trigger the disclosure remotely, making the attack vector high. The EPSS score of <1% indicates a low probability of exploitation in the wild, but the CVSS score of 7.5 signals substantial severity, signaling that the vulnerability could lead to significant data loss if utilized. The vulnerability is not listed in CISA’s KEV catalog, suggesting it is not part of known, active exploitation campaigns.

Generated by OpenCVE AI on July 14, 2026 at 11:59 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any vendor‑supplied patch or update for Ollama as soon as it becomes available.
  • Restrict network access to the Ollama service by deploying firewall rules, placing the server behind a VPN, or limiting access to trusted hosts to reduce exposure and mitigate potential data leakage.
  • Isolate or disable the quantization engine component if a patch is not yet available, such as running Ollama in a separate container or virtual environment with minimized permissions, to contain the risk.

Generated by OpenCVE AI on July 14, 2026 at 11:59 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 08 Jul 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-822
References
Metrics threat_severity

None

threat_severity

Important


Mon, 29 Jun 2026 20:00:00 +0000

Type Values Removed Values Added
First Time appeared Ollama
Ollama ollama
Vendors & Products Ollama
Ollama ollama

Fri, 26 Jun 2026 21:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

Fri, 26 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 26 Jun 2026 18:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-200

Fri, 26 Jun 2026 16:00:00 +0000

Type Values Removed Values Added
Description Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence.
Title There exists an unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine
References

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published:

Updated: 2026-06-26T18:38:23.503Z

Reserved: 2026-04-07T16:59:20.290Z

Link: CVE-2026-5757

cve-icon Vulnrichment

Updated: 2026-06-26T15:52:23.093Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Important

Publid Date: 2026-06-26T15:15:28Z

Links: CVE-2026-5757 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-07-14T12:00:05Z

Weaknesses
  • CWE-822

    Untrusted Pointer Dereference